@startuml !include design.plantuml.txt title 2.3 EPR_HPStoreDocuments actor hp as "Health Professional" box "Health Professional Portal" #DCBEC7 participant ps_gui as "Health Professional Portal" participant ps_x_service_user as "X-Service User" participant ps_pix_x_ref_consumer as "Patient Identifier \nCross-reference \nConsumer" participant ps_doc_source as "Document Sourcey\n| X-Service User" end box box "IdP" #DFF3F7 participant idp_user_authentication_provider as "User \nAuthentication \nProvider" end box box "Secondary Systems" #F7A69E participant ss_doc_repository as "Document Repository | X-Service Provider" end box box "Community Components" #FFEFDE participant cc_x_assertion_provider as "X-Assertion Provider" participant cc_hpd_provider_info_consumer as "Provider \nInformation \nConsumer" participant cc_hpd_provider_info_directory as "Provider \nInformation \nDirectory" participant cc_doc_registry as "Document Registry | X-Service Provider\nAuthorization Decision Consumer | X-Service User" participant cc_mpi_x_ref_manager as "Patient Identifier \nCross-reference \nManger" participant cc_ppq_policy_repository as "Policy Repository | X-Service Provider\nAuthorization Decision Consumer | X-Service User" participant cc_adp as "Authorization Decision Provider\n| X-Service Provider" end box box "Other Communities" #91D2E8 participant xc_adp as "Authorization Decision Provider\n| X-Service Provider" end box hp -[#black]> ps_gui activate ps_gui !include step_ps_gui_saml.plantuml.txt !include step_ps_pix.plantuml.txt !include step_ps_xua.plantuml.txt ps_gui -[#black]> ps_doc_source : provide and register document in repository grouped with xua activate ps_doc_source loop For the XDS Register Document Set related access decision enforcement, the EPR relies on the \nXDS Confidentiality Code within the document metadata to be stored in the patient’s Health Record. \nThe Authorization Decisions Consumer (Document Registry) MUST create one request to query for \nan access decision for each Confidentiality Code, before allowing the Register transaction to a Document Repository. ps_doc_source -> ss_doc_repository: [ITI-41] Provide and Register Document Set-b Request [MPI_A-PID] \ngrouped with [ITI-40] Provide X-User Assertion [EPR-SPID] activate ss_doc_repository ss_doc_repository -> cc_doc_registry: [ITI-42] Register Document Set-b Request [MPI_A-PID] \ngrouped with with [ITI-40] Provide X-User Assertion [EPR-SPID] activate cc_doc_registry cc_doc_registry -> cc_adp: ADR Authorization Decision Request (policy enforcing home community)\ngrouped with with [ITI-40] Provide X-User Assertion [EPR-SPID] activate cc_adp cc_doc_registry <- cc_adp: ADR Authorization Decision Response deactivate cc_adp loop policy enforcing from remote community cc_doc_registry -> xc_adp: XADR Cross-Community Authorization Decision Request\ngrouped with with [ITI-40] Provide X-User Assertion [EPR-SPID] activate xc_adp cc_doc_registry <- xc_adp: XADR Cross-Community Authorization Decision Response deactivate xc_adp end ss_doc_repository <- cc_doc_registry: [ITI-42] Register Document Set-b Response deactivate cc_doc_registry ps_doc_source <- ss_doc_repository: [ITI-41] Provide and Register Document Set-b Response deactivate ss_doc_repository end ps_gui <[#black]- ps_doc_source deactivate ps_doc_source hp <[#black]- ps_gui deactivate ps_gui @enduml